Switch to preset file for systemd units to disable.

This commit is contained in:
Matt McCutchen 2015-02-07 18:08:26 -05:00 committed by Marek Marczykowski-Górecki
parent ea47dfbd5d
commit 377e0b4cd4
3 changed files with 66 additions and 15 deletions

View File

@ -46,10 +46,11 @@ all:
make -C qubes-rpc
install-systemd:
install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
install -m 0755 vm-systemd/*.sh $(DESTDIR)$(LIBDIR)/qubes/init/
install -m 0644 vm-systemd/qubes-*.service $(DESTDIR)$(SYSLIBDIR)/systemd/system/
install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
install -m 0644 vm-systemd/ModemManager.service $(DESTDIR)$(LIBDIR)/qubes/init/
install -m 0644 vm-systemd/NetworkManager.service $(DESTDIR)$(LIBDIR)/qubes/init/
install -m 0644 vm-systemd/NetworkManager-wait-online.service $(DESTDIR)$(LIBDIR)/qubes/init/

View File

@ -547,6 +547,7 @@ The Qubes core startup configuration for SystemD init.
/lib/systemd/system/qubes-update-check.timer
/lib/systemd/system/qubes-updates-proxy.service
/lib/systemd/system/qubes-qrexec-agent.service
/lib/systemd/system-preset/75-qubes-vm.preset
/lib/modules-load.d/qubes-core.conf
/lib/modules-load.d/qubes-misc.conf
%dir /usr/lib/qubes/init
@ -583,21 +584,19 @@ done
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
DISABLE_SERVICES="alsa-store alsa-restore auditd avahi avahi-daemon backuppc cpuspeed"
DISABLE_SERVICES="$DISABLE_SERVICES fedora-autorelabel fedora-autorelabel-mark ipmi hwclock-load hwclock-save"
DISABLE_SERVICES="$DISABLE_SERVICES mdmonitor multipathd openct rpcbind mcelog fedora-storage-init fedora-storage-init-late"
DISABLE_SERVICES="$DISABLE_SERVICES plymouth-start plymouth-read-write plymouth-quit plymouth-quit-wait"
DISABLE_SERVICES="$DISABLE_SERVICES sshd tcsd sm-client sendmail mdmonitor-takeover"
DISABLE_SERVICES="$DISABLE_SERVICES rngd smartd upower irqbalance colord"
for srv in $DISABLE_SERVICES; do
if [ -f /lib/systemd/system/$srv.service ]; then
if fgrep -q '[Install]' /lib/systemd/system/$srv.service; then
/bin/systemctl --no-reload disable $srv.service 2> /dev/null
grep '^[[:space:]]*[^#;]' /lib/systemd/system-preset/75-qubes-vm.preset | while read action unit_name; do
case "$action" in
(disable)
if [ -f /lib/systemd/system/$unit_name.service ]; then
if fgrep -q '[Install]' /lib/systemd/system/$unit_name; then
/bin/systemctl --no-reload preset $unit_name 2> /dev/null
else
# forcibly disable
ln -sf /dev/null /etc/systemd/system/$srv.service
ln -sf /dev/null /etc/systemd/system/$unit_name
fi
fi
;;
esac
done
rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service

View File

@ -0,0 +1,51 @@
# Units that should not run by default in Qubes VMs.
#
# This file is part of the qubes-core-vm-systemd package. To ensure that the
# default configuration is applied to all units in the list regardless of
# package installation order, including units added to the list by
# qubes-core-vm-systemd upgrades, all units in the list are preset by a
# scriptlet every time qubes-core-vm-systemd is installed or upgraded. That
# means that to permanently enable a unit with an [Install] section, you must
# create your own higher-priority preset file. (It might be possible to be
# smarter and keep a list of units previously preset, but this is not
# implemented.)
#
# For units below with no [Install] section, the scriptlet masks them instead.
# Qubes currently does not provide a way to permanently prevent such units from
# being masked.
#
# https://groups.google.com/d/topic/qubes-users/dpM_GHfmEOk/discussion
disable alsa-store.service
disable alsa-restore.service
disable auditd.service
disable avahi.service
disable avahi-daemon.service
disable backuppc.service
disable cpuspeed.service
disable fedora-autorelabel.service
disable fedora-autorelabel-mark.service
disable ipmi.service
disable hwclock-load.service
disable hwclock-save.service
disable mdmonitor.service
disable multipathd.service
disable openct.service
disable rpcbind.service
disable mcelog.service
disable fedora-storage-init.service
disable fedora-storage-init-late.service
disable plymouth-start.service
disable plymouth-read-write.service
disable plymouth-quit.service
disable plymouth-quit-wait.service
disable sshd.service
disable tcsd.service
disable sm-client.service
disable sendmail.service
disable mdmonitor-takeover.service
disable rngd.service
disable smartd.service
disable upower.service
disable irqbalance.service
disable colord.service